[tproxy] sctp for tproxy

maria isabel marifran.isabel0 at gmail.com
Fri Mar 18 12:15:51 CET 2011


Hello All,
    I have attached the code snippet for extending tproxy to support sctp
functionality.

    For the socket lookup I use:

struct sock *nf_tproxy_get_sock_sctp4(const struct sk_buff *skb){

 struct sctp_association *asoc;
 union sctp_addr *saddr , *daddr;
 struct sctp_transport **transport;
 struct sctphdr *sh;
 struct sock *sk;

 void *temp;
 void *temp1;

 memset(saddr,0,sizeof(saddr));
 memset(daddr,0,sizeof(daddr));

 saddr->v4.sin_family = AF_INET;
 daddr->v4.sin_family = AF_INET;

 sh = sctp_hdr(skb);

 temp=&ip_hdr(skb)->saddr;
 temp1=&ip_hdr(skb)->daddr;

 memcpy(&saddr->v4.sin_addr.s_addr,temp, sizeof(struct in_addr));
 memcpy(&daddr->v4.sin_addr.s_addr,temp1, sizeof(struct in_addr));


 asoc = __sctp_get_association(saddr, daddr, transport);
         if (!asoc)
             sk=NULL;
       sk = asoc->base.sk;

return sk;
}

This function I plan to invoke from both xt_TPROXY.c and xt_socket.c for
sctp instead of the existing function for tcp and udp.

if(iph->protocol == IPPROTO_TCP || iph->protocol == IPPROTO_UDP){
        sk = nf_tproxy_get_sock_v4(dev_net(skb->dev), iph->protocol,
                                   iph->saddr, tgi->laddr ? tgi->laddr :
iph->daddr,
                                   hp->source, tgi->lport ? tgi->lport :
hp->dest,
                                   par->in, true);
        }

        else
          if(iph->protocol == IPPROTO_SCTP){
               sk = nf_tproxy_get_sock_sctp4(skb);
          }

Have I missed out any condition during the socket lookup ?
What about the icmp support?Can I just reuse the existing functionality by
adding sctp to the list of protocols?

Thanks and Regards,
     Maria
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20110318/f105f346/attachment.htm 


More information about the tproxy mailing list